Management Business Consulting - Astral Consulting Pvt Ltd
ISO 27001 / ISMS

An IT health check is a review and evaluation of an Information Security Management System based on ISO 17799 and other company-specific requirements. It shows what an organization needs to do to comply with the ISO 27001:2005 information security management standard.

Firstly, an understanding of the current state of information security within the organization is gained. The major benefits include a quick return in terms of awareness of the security requirements as well as significant gaps, and a more reliable estimate of the requirements in terms of schedule and effort, when a full ISO 27001 implementation is considered necessary. Senior management commitment is the most important critical success factor to build an information security infrastructure within the organisation.

MEANS, METHODS AND OUTCOME

The ISMS adopts the following stages to help the organization meet the standard and qualify for compliance and certification.

Plan (Establish the ISMS)

Establish ISMS policy, objectives, processes and procedures relevant to managing risk and improving information security to deliver results in accordance with an organization’s overall policies and objectives.

Do (Implement and operate the ISMS)

Implement and operate the ISMS policy, controls, processes and procedures.

Check (Monitor and review the ISMS)

Assess and, where applicable, measure process performance against ISMS policy, objectives and practical experience and report the results to the management for review.

Act (Maintain and improve the ISMS)

Take corrective and preventive actions, based on the results of the internal ISMS audit and management review or other relevant information, to achieve continuous improvement of the ISMS.

Astral’s ISMS Implementation Services

  • Facilitating Risk Assessment
  • Facilitation for Prioritization of risks, selection of controls and risk mitigation
  • Implementation Support
  • Certification Support
  • Post Implementation / Certification Health Check

DELIVERABLES

  • Information security policies
  • A comprehensive risk assessment report
  • Statement of applicability, describing which parts of ISO/IEC 27001:2005 are relevant and applicable for the organization’s ISMS.
  • Procedures adopted to implement the controls including responsibilities and relevant actions
  • Procedures covering the management and operation of the ISMS

BENEFITS

Organizations can expect extensive benefits by implementing ISMS. Some of these benefits include:

  • Business Continuity Plan
  • Improved understanding of business processes
  • Reducing security breaches and/or claims
  • Nullifying adverse publicity by protecting organizations’ integrity from being compromised by ill-intended parties.
  • Identifying critical assets via business risk assessment
  • Ensure that “knowledge capital” is “stored” in a business management system
  • Provide a structure for continuous improvement
  • Enhance the knowledge and importance of security related issues at the management level
  • Minimizes risks and losses
  • Compliance to rules, legislation, company standards and practices